Active antenna steering for network security

ABSTRACT

The disclosure concerns wireless communication systems, including, antenna systems and related methods, which are each directed to utilizing one or more multi-mode antennas for the purpose of varying a radiation pattern characteristic thereof to enhance network security and communication link between an access point and one or more client devices on a network.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is a continuation of U.S. application Ser. No.15/828,151, filed Nov. 30, 2017, which claims benefit of priority withU.S. Provisional Application Ser. No. 62/428,489, filed Nov. 30, 2016;the entire contents of which are hereby incorporated by reference.

BACKGROUND Field of the Invention

This invention relates to wireless communication systems, and moreparticularly, to such wireless communication systems and related methodsutilizing one or more active multi-mode antennas for network security.

Description of the Related Art

Active multi-mode antennas, also known as “modal antennas”, generallyinclude a relatively small form factor capable of configuration about aplurality of possible antenna modes, wherein the active multi-modeantenna exhibits distinct radiation pattern characteristics in each modeof the plurality of possible antenna modes. As a result, the antennaradiation pattern can be incrementally adjusted or “steered” about theantenna structure, such that a null, or gain, in the antenna radiationpattern can be directionally adjusted (null steering, beam steering,respectively). In addition, a frequency response of the antenna can beadjusted to create or remove one or more resonances, and the resonancescan be shifted or tuned to achieve a desired frequency response.Accordingly, beam steering, null steering, and frequency response areeach factors which can be controlled by a single active multi-modeantenna.

Prior to the advent of the active multi-mode antenna, engineers wouldimplement various techniques to achieve desired antenna systemparameters. For example, one might have provided two distinct antennas,each in a distinct orientation, and a system capable of switchingbetween the two distinctly oriented antennas in order to achieve adesired performance goal.

In another example, two antennas having distinct polarization could beimplemented, and the one antenna with better performance according to adesired metric would be selected for operation.

Other conventional techniques include the use of antenna arrays having aplurality of antennas connected therein, and selectively radiating oneor more of the plurality of antennas in the array to achieve beamforming and/or beam steering.

In contrast, the active multi-mode antenna includes a single antennaradiating element and one or a plurality of parasitic conductor elementsand active components associated therewith which collectively form themulti-mode antenna. The active multi-mode antenna is capable ofdynamically adjusting one or more radiation pattern characteristics,such that the multi-mode antenna is adjustable to achieve a desiredresult. No longer are multiple antennas required to achieve directionalnulls, gains and frequency variations.

Examples of multi-mode antennas are described in commonly owned U.S.Pat. Nos. 9,240,634; 8,648,755; 8,362,962; and 7,911,402; the entirecontents of each of which is hereby incorporated by reference. Since thestructure of a multi-mode antenna is addressed in at least thesereferences, we will not reiterate such descriptions here. Instead, anyreviewer of this document may reference the above patent literature forspecifics related to the structure of multi-mode antennas.

One benefit of such multi-mode antennas includes lower cost since onlyone antenna radiating element is being provided, as opposed to two ormore in the conventional antennas in an array or switchableconfiguration. Another benefit includes reduced space occupied by asingle multi-mode antenna as opposed to utilizing a prior scheme whichrequires two or more antennas and correspondingly more space. Asconsumer demand drives a need for smaller devices, the need for reducedspace from device components, such as antennas, becomes increasinglyrelevant. In addition, the multi-mode antenna often provides a reductionin power requirements with respect to other multi-antenna schemes forbeam forming and null steering.

Other features and specifics would be recognized by those having skillin the art upon a thorough review of the instant disclosure and otherdetails as referenced in the related art literature cited herein.

SUMMARY

The disclosure concerns wireless communication systems, includingantenna systems and related methods, which are each directed toutilizing one or more active multi-mode antennas for the purpose ofvarying a radiation patient characteristic thereof to enhance networksecurity and communication link between an access point and one or moreuser equipment (UE) devices on a network.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows the direction of peak gain for the radiation modes of anactive multi-mode antenna having four distinct modes thereof.

FIG. 2 shows an example network footprint for an office.

FIG. 3 shows an example of a link quality matrix, wherein each antennais surveyed for each antenna mode and each device on the network and thecorresponding signal link quality is determined and populated in thematrix.

FIG. 4 shows an algorithm process for physical network security using amulti-mode antenna system.

FIG. 5 shows an antenna system in accordance with an embodiment.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

In the following description, for purposes of explanation and notlimitation, details and descriptions are set forth in order to provide athorough understanding of the invention in accordance with one or moreillustrated embodiments. However, it will be apparent to those skilledin the art that the invention may be practiced in other embodiments thatdepart from these details and descriptions without departing from thespirit and scope of the invention. One or more illustrated embodimentswill be described herein with reference to the drawings whereinillustrative features are denoted by reference numerals. It isrecognized that the present described embodiment(s) may be varied andcertain features added, removed or interchanged, such that one mightaccomplish substantially the same result by way of similar means.Accordingly, the scope of the invention is not intended to be limited bythe present disclosure, but instead, should be ascertained by reviewingthe claims in their broadest construction.

Definitions

For purposes herein, the term “Interfering signal” shall mean: a signaloperating within the same frequency range or same frequency channel of atargeted communication link, and disturbing by its power or itsbehavior, the other signals in the frequency bands or in the channel.

The term “active multi-mode antenna” means an antenna with a singleradiating element, and one or more parasitic conductor elementspositioned adjacent to the single radiating element, the one or moreparasitic conductor elements being further coupled to one or more activecomponents, respectively, for varying a reactive loading of associatedwith the parasitic element and thereby changing a radiation patterncharacteristic of the active multi-mode antenna. The active multi-modeantenna is configurable in at least two modes, wherein the antennaprovides a distinct radiation pattern characteristic in each of the atleast two modes.

The term “radiating element” means an antenna structure coupled to asignal source and designed to excite the propagation of electromagneticsignals.

The terms “parasitic conductor element”, or “parasitic element”, may beused interchangeably and are defined as a conductor element positionedadjacent to a radiating element and not connected to a signal source,the parasitic element being configured to alter a radiation patterncharacteristic of the adjacent radiating element; wherein the degree atwhich the parasitic element may alter the radiation patterncharacteristic is influenced by a reactive loading associated with theparasitic element by way of the one or more active components andplacement of the parasitic element relative to the radiating element.

The terms “active component” or “active components” (plural designation)mean any component known by those having skill in the art which can beused to vary a reactive load associated with the parasitic element, or acombination of such components, including but not limited to capacitors,inductors, variable (tunable) capacitors, variable inductors, switches,transistors, or any combination thereof.

The term signal source means a radio circuit such as a receiver,transmitter or transceiver.

General Information:

Active multi-mode antennas can be used in various implementations inorder to achieve improved communication system performance.

In one example, an active multi-mode antenna can be implemented on theuser equipment device (or “client”) side, i.e. within a device such as acell phone, tablet, laptop or similar device. The multi-mode antennawithin the device can be utilized to vary the antenna radiation patternthereof for: (i) improving signal link between the device and an accesspoint or network node, (ii) reducing interference from unwanted sources(null steering); (iii) reducing specific absorption rate (SAR) exposure;(iv) tracking direction of a signal; (v) improving network usage byimproving the “clear to talk” process in a WiFi network; or (vi) acombination thereof.

In another example, a multi-mode antenna can be implemented on theaccess point (or “server”) side, i.e. within an access point or similarnetwork node. The multi-mode antenna within the access point can beutilized to vary the antenna radiation pattern thereof for: (i)improving signal link budget (throughputs and coverage) between theaccess point and one or more client devices connected therewith, (ii)load balancing of the client data access requirements; (iii) improvingnetwork usage by improving the “clear to talk” process in a WiFinetwork, (iv) allowing device localization; or (v) a combinationthereof. One or more active multi-mode antennas can be incorporated intothe access point or node, and each of the multi-mode antennas can beconfigured to provide one or more of the above functions, or othersimilar functions.

In yet another example, one or more multi-mode antennas can beimplemented on a network level, and can be utilized to vary therespective antenna radiation patterns thereof for: (i) improvingintercell or inter communication handover; (ii) allowing dynamic loadbalancing between access points; (iii) allowing dynamic meshingreconfiguration of heterogamous network; or (vi) a combination thereof.

Thus, null steering, beam steering, and other adjustments made possiblethrough the use and implementation of active multi-mode antennas providea range of capabilities for managing communications across variousnetwork levels (device, access point, network).

Now concerning network security, unwanted eaves dropping, signalsniffing, recording, and packet sniffing is a security weakness on anyWiFi network resulting in a possible security breach.

Moreover, a physical network will be defined by a physical footprint,including one or more trusted areas and one or more untrusted or unknownareas. For example, a building might include a keyed access whereinemployees and security-entrusted personnel have access to the one ormore trusted areas, while the general public may have access to one ormore untrusted or unknown areas. Here, it may be beneficial to increasenoise or otherwise minimize link budget for devices outside the trustedareas of the network footprint.

In some embodiments, an active multi-mode antenna is implemented in anetwork device or node and configured in an antenna mode (of theplurality of possible antenna modes) such that maximum gain is providedtoward an identified area within the network footprint, or where it maybe desired to raise the noise floor level, for example, in an “untrustedarea”. Concurrently, the antenna can further be configured in the modethat best minimizes antenna gain toward another area of the networkfootprint wherein trusted devices reside, or a “trusted area”. In thisregard, the active multi-mode antenna can be configured to increasenoise in the untrusted area(s) while minimizing the noise impact withrespect to devices in the trusted area(s). This is achieved by selectingan optimal mode wherein nulls and gain maxima are each considered andoriented in an intended direction.

With increased noise in the direction of an untrusted area, thepossibility of a security breach is significantly reduced at the accesspoint.

In other embodiments, a multi-input multi-output (MIMO) antenna systemis implemented in an access point, the MIMO antenna system includes aplurality of active multi-mode antennas. In the event one or more of theMIMO chains is not in use, the access point and integrated MIMO antennasystem is configured to generate noise, wherein one or more nulls areformed in the radiation pattern and said one or more nulls are pointedtoward a trusted area such that noise is not directed toward approved ortrusted devices in the trusted area.

It has been contemplated that link budget can be maximized between anaccess point and a client device in order to improve the useful payloadsent to the device. Link budget can be maximized by selecting a mode ofthe modal antenna which optimizes the link. However, in certainembodiments, signal to interference plus notice ration (SINR) isminimized in order to protect the user equipment (UE) device from thenoise that the access point will generate via the noise-creatingantenna.

In various embodiments, the access point is configured to identify oneor more user equipment (UE) devices pinging or connected to the network,and said access point is further configured to create noise through oneor more active multi-mode antennas thereof, wherein the noise isdirected toward untrusted devices, untrusted areas, or a combinationthereof, such that network security is physically protected.

While some embodiments describe the use of an active multi-mode antennafor generating noise or interfering signals and steering the activemulti-mode antenna such that the interfering signals are directed tountrusted devices or areas, the reverse application can be appreciatedwhere a communication signal (as opposed to noise) is communicated withmaxima directed toward trusted devices or areas and one or more nullsare directed toward one or more untrusted devices or area.

In some embodiments, one or more active multi-mode antennas can be usedto sample link quality with devices in the network footprint andestimate position of the devices based on an operation which comparesstored radiation pattern mode data and sampled data from the devices toestimate device locations. Upon determining device locations, anddetermining untrusted or unknown devices, one of the one or more activemulti-mode antennas can be used to produce an interfering signal andconfigured in a mode for directing gain of the interfering signal in adirection of the untrusted or unknown device for preventing networkconnection and improving network security.

In other embodiments, a network engineer can use a device configuredwith a software application (“app”) for communicating with the accesspoint, wherein the app communicates location of the device with theaccess point in a “learning mode” such that the access point may learnwhich locations within the building or network footprint are “untrusted”and which are “trusted”. For example, the device can be configured withGPS or other location finding means known in the art, the location ofthe device can be accessed by the app and stored in the form of data, onthe device or on a network server. The app installed on the device canfurther be configured with a GUI and a means for selecting “location istrusted” or “location is untrusted”. The network engineer can physicallypresent the device at each location in the network footprint and executefrom “trusted” and “untrusted” such that the access point can learn andstore data relating to trusted and untrusted areas. In this example, anyarea located between three or more untrusted points will be learned asan untrusted area, whereas any area located between three or moretrusted points will be learned by the access point as a trusted area. Inthis regard, the access point can learn and store information related totrusted and untrusted areas in the network footprint for future use indirecting interfering signals for network security.

Illustrated Embodiments

Now turning to the drawings, FIG. 1 shows the direction of peak gain forthe radiation pattern modes of an active multi-mode antenna having fourdistinct modes thereof. Here, the antenna exhibits a distinct radiationpattern (Radiation Mode 1 through 4) in each of the four modes. Such amulti-mode antenna having multiple radiation modes with a distinctradiation pattern corresponding to the antenna when in each mode,respectively, is integrated into a radio or access point, and the modeof the antenna is selected to optimize the antenna radiation pattern toimprove communication link performance, or to create noise for reducingcommunication performance when desired. Note the direction of peak gainis distinct in each of the four modes of the active multi-mode antenna.

FIG. 2 shows an example network footprint for an office. The officeincludes two offices or rooms (Room 1 and Room 2), and a corridor foraccessing the offices. An access point AP1 is centrally located toservice the needs of the network footprint. Five user equipment devices,or clients, are distributed around the office, wherein devices UE1; UE2;and UE3 are located in Room 1 which is a “trusted area”, whereas deviceUE4 is located in Room 2, and device UE5 is located in the corridor,each of Room 2 and the corridor being an “unknown area” or “untrustedarea”. The access point AP1 includes four antennas in a MIMOconfiguration, one or more of the four antennas comprises an activemulti-mode antenna as described herein. Three of the antennas are usedto produce corresponding first through third radiation patterns, each ofthe first through third radiation patterns are generated by the accesspoint to maximize link budget with the devices in the trusted area. Thefourth antenna of the access point is configured to produce a fourthradiation pattern, which is directed to the adjacent Room 2 and thecorridor, or the unknown/untrusted areas. Note the fourth radiationpattern is configured to produce noise such that devices UE4 and UE5cannot connect to the network, effectively securing the network in aphysical sense.

The access point can be configured or setup to provide signal link inthe trusted areas and further provide interference or noise in theuntrusted areas; this setup would be primarily focused on the areafootprint for security (i.e. certain rooms are trusted or untrusted).Alternatively, the access point can be configured to sample the networkand steer either signal link or noise in the direction of individualdevices (based on an access query or login permissions) by varying amode of the active multi-mode antenna(s) such that maxima and/or nullsare directed accordingly.

FIG. 3 shows an example of a link quality matrix, wherein each antennais surveyed for each antenna mode and each device on the network and thecorresponding signal link quality is determined and populated in thematrix. The matrix may be implemented in the form of a lookup table inmemory. The signal quality metric can include, signal to interferenceplus noise ratio (SINR), received signal strength indicator (RSSI),reference signal received power (RSRP), or a similar metric recognizedby those with skill in the art, or a combination thereof. Atpre-determined time intervals, the antenna system can be configured tore-survey and update the link quality matrix data. Thus, an antennasystem including one or more active multi-mode antennas coupled to acontroller and memory, wherein the memory contains a link qualitymatrix, is capable of determining which antenna and mode combination isbest suited for optimum communication link with one or more devices on anetwork. At the same time, if desired, another multi-mode antenna whichis not used to communicate with trusted devices can produce noisesteered in a direction away from the trusted devices. The controller andmemory may be housed in the access point, or elsewhere on the network,or within a device on the network.

FIG. 4 shows an algorithm process for physical network security using anactive multi-mode antenna, the algorithm includes:

Step 1: start/initialize; turning “off” any and all interfering or noisesignals;

Step 2: the access point MAC layer is computing the frame for the nextUEi that the access point wants to communicate with;

Step 3: are all antenna chain to communicate with the UEi, being used?(if “Yes” then repeat Step 2; if “No” then proceed to Step 4);

Step 4: select unused antenna N for noise generation;

Step 5: is the Signal Quality Matrix for this user filled? (If “Yes”then proceed to Step 6; if “No” then repeat Step 2.);

Step 6 select the mode “K” of antenna N, wherein “K” has the weakestsignal quality for the selected antenna N and users UEi;

Step 7: turn on interfering signal using selected antenna N configuredin mode K.

While this document contains specific illustrated examples, the detailsand descriptions of the illustrated embodiments should not be construedas limitations on the scope of the claimed invention, but rather asdescriptions of features specific to particular embodiments of theinvention which are provided for enabling those having skill in the artto make and use, in general, one or more embodiments of the claimedinvention. Other embodiments will be appreciated by those having skillin the art upon a thorough review of the instant disclosure.

FIG. 5 shows fin antenna system in accordance with an embodiment. Inthis example, in a network having a network footprint including one ormore trusted areas and one or more untrusted areas, the network furtherincluding one or more user equipment devices (UE) positioned in thetrusted and untrusted areas, an access point for communicating with theuser equipment devices within the network footprint is disclosed, theaccess point including: an antenna system 100, the antenna systemcomprising: an active multi-mode antenna 101, the active multi-modeantenna being configurable in one of a plurality of possible antennamodes, wherein the active multi-mode antenna exhibits a distinctradiation pattern when configured in each of said plurality of possibleantenna modes; the active multi-mode antenna coupled to a controller 102and memory 103, said memory including signal quality data associatedwith a link quality metric relating link quality between each of the oneor more user equipment devices and the active multi-mode antenna in eachof the plurality of possible modes thereof, the controller beingconfigured to communicate signals tor adjusting the mode of the activemulti-mode antenna based on the signal quality data, the activemulti-mode antenna being adapted to produce an interfering signal, andfurther adapted to steer the interfering signal in a direction toward atleast one of the untrusted areas of the network footprint by changing amode of the active multi-mode antenna; wherein said interfering signalphysically limits link budget between the access point and a devicepositioned in the at least one of the untrusted areas of the networkfootprint.

The memory may constitute any non-transitory computer readable mediumcapable of containing the signal quality data. The memory may be housedwithin a volume of the controller, or may be housed separately andoutside of the controller volume.

The link quality metric may comprise, signal to interference plus noiseratio (SINR), received signal strength indicator (RSSI), and/orreference signal received power (RSRP).

The antenna system may comprise a plurality of active multi-modeantennas.

In one embodiment, the antenna system comprises four active multi-modeantennas, wherein a first through third of said four active multi-modeantennas are each configured in corresponding modes thereof whereinoptimal link quality is achieved with the user equipment devicespositioned in the one or more trusted areas of the network footprint;and wherein a fourth of said four active multi-mode antennas producesthe interfering signal and is configured in a mode wherein weakestsignal quality is achieved with the user equipment devices positioned inthe one or more trusted areas of the network footprint.

The fourth active modal antenna may be configured to direct theinterfering signal toward one or more of the untrusted areas of thenetwork footprint.

The controller and memory may be housed in the access point, or at leastone may be housed outside the access point.

In another embodiment, the controller is configured to execute analgorithm for selecting one of the active multi-mode antennas andconfiguring the selected antenna in one of the plurality of possiblemodes thereof, the algorithm comprising: (i) Step 1: turning “off”interfering signals; (ii) Step 2: with the access point MAC layer,computing the frame for the next UEi that the access point wants tocommunicate with; (iii) Step 3: if all antenna chain to communicate withthe UEi, are being used then repeat Step 2, otherwise proceed to Step 4;(iv) Step 4: select unused antenna N for noise generation, (v) Step 5:if the Signal Quality Matrix for this user filled then proceed to Step6, otherwise repeat Step 2; (vi) Step 6: select the mode “K”, wherein“K” has the weakest signal quality for the selected antenna N and usersUEis; and (vii) Step 7: turn on interfering signal using selectedantenna N configured in mode K.

In some embodiments, several antennas can be used to generateinterfering signal(s) on different channels or in different areas.

One having skill in the art will recognize that certain variations,combinations and derivatives can be achieved without undueexperimentation by combining the explicit features of this disclosurewith the ordinary level of knowledge and skill in the art; and suchvariations, combinations and derivatives are therefore deemed to becaptured within the scope of this disclosure and the appended claims.

What is claimed is:
 1. A method for controlling active multi-modeantennas of a first device on a network, the method comprising:accessing, by one or more controllers, signal quality data stored in amemory device, the signal quality data comprising at least one linkquality metric relating link quality between one or more second deviceson the network and the active multi-mode antennas of the first devicefor each of a plurality of modes for in which the active multi-modeantennas are configurable, each of the plurality of modes associatedwith a different radiation pattern; configuring, by the one or morecontrollers, a first active multi-mode antenna of the active multi-modeantennas in a first mode of the plurality of modes to communicate withat least one second device physically located in a first area of anetwork footprint based on the signal quality data; configuring, by theone or more controllers, a second active multi-mode antenna of the firstdevice in a second mode of the plurality of modes to communicate with atleast one third device positioned in a second area of the networkfootprint; producing, by the one or more controllers, an interferingsignal to reduce signal quality for a communication link with the atleast one third device positioned in the second area of the networkfootprint; and communicating, via the second active multi-mode antenna,the interfering signal to the at least one third device while the secondactive multi-mode antenna is configured in the second mode.
 2. Themethod of claim 1, wherein the first area of the network footprint is atrusted area.
 3. The method of claim 2, wherein the second area of thenetwork footprint is an untrusted area.
 4. The method of claim 1,wherein said link quality metric comprises: signal to interference plusnoise ratio (SINR), received signal strength indicator (RSSI), referencesignal received power (RSRP).
 5. The method of claim 1, wherein thefirst device is a network access point.
 6. The method of claim 1,wherein the first device is a client device.
 7. The method of claim 1,wherein each of the active multi-mode antennas of the first devicecomprise a radiating element and one or more parasitic elements, each ofthe one or more parasitic elements coupled to an active componentconfigured to vary a reactive load for the parasitic element.
 8. Themethod of claim 1, wherein the method comprises learning which portionof a network footprint is a trusted area and which portion of a networkfootprint is an untrusted area.
 9. The method of claim 8, whereinlearning which portion of a network footprint is a trusted area andwhich portion of a network footprint is an untrusted area comprisesreceiving a user input via an application installed on a device incommunication with the first device.
 10. The method of claim 1, whereinproducing the interfering signal occurs in response to configuring thesecond active multi-mode antenna in the second mode of the plurality ofmodes to communicate with the at least one third device positionedwithin the second area of the network footprint.
 11. A network device,comprising: a plurality of active multi-mode antennas, each of theactive multi-mode antennas configurable in a plurality of modes, eachmode associated with a different radiation pattern; a controllerconfigured to configure a first active multi-mode antenna of theplurality of active multi-mode antennas in a first mode of the pluralityof modes to communicate with a first device physically located in afirst area of a network footprint; and configure a second activemulti-mode antenna of the plurality of active multi-mode antennas in asecond mode of the plurality of modes to communicate with a seconddevice physically located in a second area of the network footprint; andcommunicate an interfering signal to the second device via the secondactive multi-mode antenna while the second active multi-mode antenna isconfigured in the second mode of the plurality of modes to reduce signalquality for the second device.
 12. The network device of claim 11,wherein the network device comprises a second active multi-mode antennaconfigurable in a plurality of modes, each mode associated with adifferent radiation pattern.
 13. The network device of claim 12, whereinthe controller is configured to control the second active multi-modeantenna to communicate with a device positioned in a trusted area of thenetwork footprint.
 14. The network device of claim 11, wherein thenetwork device is a network access point.